Endpoint management is an industry term boils down to providing a secure and stable environment for a community of connected devices. Another name for that connected devices is an endpoint. The computer you are reading this on right now is an endpoint on the network you are connected to.
Franklin OIT works in concert with EITS to provide security on our networks, and we have different roles but the same goal. EITS uses tools that monitor the network for bad actors who have successfully attacked a computer on the network, and will inform Franklin OIT if the endpoint is in our area or range of the network. This is considered a reactive approach to maintaining endpoint security. EITS also proactively monitors the network for known vulnerabilities. This means that an endpoint may not have been compromised yet, but it is susceptible to attack because either the version of the operating system or version of an installed software is vulnerable to attack. It's important to proactively patch, or update to a newer version in which the vulnerability has been remediated.
Franklin OIT tries to play a proactive role in Endpoint Management. We use several tools which allow us to maintain an inventory of computer endpoints, along with installed software versions. We also use these tools to automatically update computer operating systems and software to the latest versions. If there is a particularly nefarious vulnerability, referred to as a zero day, we can look at the inventory to see what endpoints are affected and target them for upgrades.
- talk about policy, and enforcing preferences that are considered best practice for the enterprise environment. Talk about how some preferences which are good for the home user are not good for the enterprise
- talk about the special role of admin accounts, refer to admin policy and relate how it helps achieve the goals above